Sunday, January 17, 2010

Cyber Terrorism In India: A Government Nightmare

Cyber Terrorism in India is a serious national security problem. India must not take the threats of Cyber war and Cyber Terrorism lightly and should take active steps to prevent the same. The Home Ministry of India must take some serious steps to ensure a robust cyber security in India so that threats of cyber war and cyber terrorism can be prevented and cured at an earlier stage. Even the cyber laws all over the World must be stringent and reasonable so that these nefarious activities can be curbed.

Cyber terrorism is the premeditated use of disruptive activities, or the threat thereof, in cyber space, with the intention to further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives.

Computers and the internet are becoming an essential part of our daily life. They are being used by individuals and societies to make their life easier. They use them for storing information, processing data, sending and receiving messages, communications, controlling machines, typing, editing, designing, drawing, and almost all aspects of life.

The most deadly and destructive consequence of this helplessness is the emergence of the concept of “cyber terrorism”. The traditional concepts and methods of terrorism have taken new dimensions, which are more destructive and deadly in nature. In the age of information technology the terrorists have acquired an expertise to produce the most deadly combination of weapons and technology, which if not properly safeguarded in due course of time, will take its own toll. The damage so produced would be almost irreversible and most catastrophic in nature. In short, we are facing the worst form of terrorism popularly known as “Cyber Terrorism”.

The law dealing with cyber terrorism is, however, not adequate to meet the precarious intentions of these cyber terrorists and requires a rejuvenation in the light and context of the latest developments all over the world.

Terrorist prefer using the cyber attack methods because of many advantages for it. These are:-

1. It is Cheaper than traditional methods.
2. The action is very difficult to be tracked.
3. They can hide their personalities and location.
4. There are no physical barriers or check points to cross.
5. They can do it remotely from anywhere in the world.
6. They can use this method to attack a big number of targets.
7. They can affect a large number of people.

Forms of cyber terrorism

(I) Privacy violation: Law of privacy is the recognition of the individual’s right to be let alone and to have his personal space inviolate. The right to privacy as an independent and distinctive concept originated in the field of Tort law, under which a new cause of action for damages resulting from unlawful invasion of privacy was recognized.

(II) Secret information appropriation and data theft: The information technology can be misused for appropriating the valuable Government secrets and data of private individuals and the Government and its agencies.

(III) Demolition of e-governance base: The aim of e-governance is to make the interaction of the citizens with the government offices hassle free and to share information in a free and transparent manner. It further makes the right to information a meaningful reality. In a democracy, people govern themselves and they cannot govern themselves properly unless they are aware of social, political, economic and other issues confronting them. This, right to receive information is, however, not absolute but is subject to reasonable restrictions which may be imposed by the Government in public interest.

(IV) Distributed denial of services attack: The cyber terrorists may also use the method of distributed denial of services (DDOS) to overburden the Government and its agencies electronic bases. This is made possible by first infecting several unprotected computers by way of virus attacks and then taking control of them. Once control is obtained, they can be manipulated from any locality by the terrorists. These infected computers are then made to send information or demand in such a large number that the server of the victim collapses.

(V) Network damage and disruptions: The main aim of cyber terrorist activities is to cause networks damage and their disruptions. This activity may divert the attention of the security agencies for the time being thus giving the terrorists extra time and makes their task comparatively easier. This process may involve a combination of computer tampering, virus attacks, hacking, etc. The intention of a cyber terrorism attack could range from economic disruption through the interruption of financial networks and systems or used in support of a physical attack to cause further confusion and possible delays in proper response.

Effects of Cyber Terrorism on economic & social life

Direct Cost Implications

• Loss of sales during the disruption
• Staff time, network delays, intermittent access for business users
• Increased insurance costs due to litigation
• Loss of intellectual property – research, pricing, etc.
• Costs of forensics for recovery and litigation
• Loss of critical communications in time of emergency.

Indirect Cost Implications

• Loss of confidence and credibility in our financial systems
• Tarnished relationships& public image globally
• Strained business partner relationships – domestic and internationally
• Loss of future customer revenues for an individual or group of companies
• Loss of trust in the government and computer industry


The following are notable incidents of cyber terrorism:

• In 1998, ethnic Tamil guerrillas swamped Sri Lankan embassies with 800 e-mails a day over a two-week period. The messages read “We are the Internet Black Tigers and we’re doing this to disrupt your communications.” Intelligence authorities characterized it as the first known attack by terrorists against a country’s computer systems.

• During the Kosovo conflict in 1999, NATO computers were blasted with e-mail bombs and hit with denial-of-service attacks by hacktivists protesting the NATO bombings. In addition, businesses, public organizations, and academic institutes received highly politicized virus-laden e-mails from a range of Eastern European countries, according to reports. Web defacements were also common.

• Since December 1997, the Electronic Disturbance Theater (EDT) has been conducting Web sit-ins against various sites in support of the Mexican Zapatistas. At a designated time, thousands of protestors point their browsers to a target site using software that floods the target with rapid and repeated download requests. EDT’s software has also been used by animal rights groups against organizations said to abuse animals. Electrohippies, another group of hacktivists, conducted Web sit-ins against the WTO when they met in Seattle in late 1999.

The Interpol, with its 178 member countries, is doing a great job in fighting against cyber terrorism. They are helping all the member countries and training their personnel. The Council of Europe Convention on Cyber Crime, which is the first international treaty for fighting against computer crime, is the result of 4 years work by experts from the 45 member and non-member countries including Japan, USA, and Canada. This treaty has already enforced after its ratification by Lithuania on 21st of March 2004. The Association of South East Asia Nations (ASEAN) has set plans for sharing information on computer security. They are going to create a regional cyber-crime unit by the year 2005.

The protection of I.T.A can be claimed for:

a) Preventing privacy violations,
(b) Preventing information and data theft,
(c) Preventing distributed denial of services attack (DDOS), and
(d) Preventing network damage and destruction.

Here are few key things to remember to protect from cyber-terrorism:

1. All accounts should have passwords and the passwords should be unusual, difficult to guess.
2. Change the network configuration when defects become know.
3. Check with venders for upgrades and patches.
4. Audit systems and check logs to help in detecting and tracing an intruder.
5. If you are ever unsure about the safety of a site, or receive suspicious email from an unknown address, don’t access it. It could be trouble.

The problems associated with the use of malware are not peculiar to any particular country as the menace is global in nature. The countries all over the world are facing this problem and are trying their level best to eliminate this problem. The problem, however, cannot be effectively curbed unless popular public support and a vigilant judiciary back it. The legislature cannot enact a law against the general public opinion of the nation at large. Thus, first a public support has to be obtained not only at the national level but at the international level as well. The people all over the world are not against the enactment of statutes curbing the use of malware, but they are conscious about their legitimate rights. Thus, the law to be enacted by the legislature must take care of public interest on a priority basis. This can be achieved if a suitable technology is supported by an apt legislation, which can exclusively take care of the menace created by the computers sending the malware. Thus, the self-help measures recognized by the legislature should not be disproportionate and excessive than the threat received by the malware. Further, while using such self-help measures the property and rights of the general public should not be affected.

Referred Works

1. Praveen Dalal, Cybercrime and cyberterrorism: Preventive defense for cyberspace violations

2. Praveen Dalal,
Private defence in cyberspace

3. Wikipedia,
Cyberterrorism

4. Praveen Dalal,
Techno-Legal Compliance In India: An Essential Requirement

India Caught On The Wrong Foot Of Cyber Anarchy

This work is analysing the strategic and policy lacunas of Indian Government in the fields of Cyber Law, Cyber Security, Cyber Forensics, etc. As a result India has not only become a safe heaven for cyber criminals but also a “soft target” for hackers and cyber war criminals worldwide. A dominant majority of work, suggestions and recommendations in these crucial directions have been done/provided by Mr. Praveen Dalal, Managing Partner of Perry4Law and the leading Techno-Legal Expert of India. This work is summarising his suggestions and recommendations (with his approval) and we hope the Government of India in general and the Prime Minister Mr. Manmohan Singh in particular would consider and act upon these suggestions.

Cyber law enforcement and regulation passing through a bad phase in India. It is evident from the recent attack by the Chinese Hackers to the computers in the Prime Minister's Office (PMO). The sinister attempt was made around December 15 last year. Investigators are still coming to terms with the depth of the damage. There is hardly any conviction of cyber criminals in India. On the one hand India has bad and weak cyber law whereas on the other hand law enforcement is hardly aware about the basics of cyber law and cyber forensics. India has become a safe heaven for cyber criminals. The hackers had aimed high - their targets were the cream of India's national security set-up: National Security Advisor M.K. Narayanan, Cabinet Secretary K.M. Chandrashekhar, PM's Special Envoy Shyam Saran and Deputy National Security Advisor Shekhar Dutt. The four and up to 26 others were squarely in the crosshairs of the hacking attempt.

A top PMO official, whose e-mail account was cracked by the Chinese hackers, confirmed the espionage bid, saying: These kind of hacking attempts are made. To think they are not made is wrong. The internet or intranet is not used for official purposes. As per the India Today, According to Bharat Karnad, a strategic affairs analyst, "China wants war by all means. It doesn't believe in peacetime. For China, it's always rivals, always competition." R.S.N. Singh, a former RAW officer, says: "China wants to dominate and control this space. This cyber army has soldiers not in uniform but anybody and everybody, maybe college students. It's very serious as cyber warfare can bring a country to a crippling halt."

The timing of the espionage attempt has investigators suspecting that the Chinese hackers were desperately trying to access any data on India's position at the Copenhagen Climate Summit. Until Prime Minister Manmohan Singh arrived in Copenhagen on December 17, Environment Minister Jairam Ramesh and PM's Special Envoy Shyam Saran were singing different tunes. While Ramesh was in favour of scrapping the Kyoto Protocol, Saran was against the move. On December 15 when India's final stand was still shrouded in mystery, the Chinese hackers targeted the PMO computers.

But what has disturbed investigators the most is that the Chinese hackers quite likely had inside help. The possibility of a mole within the Indian establishment helping a foreign adversary is staring investigators in the face. And the technology being used is preoccupying the Indian sleuths no end. The espionage attempt was highly evolved and well-researched. The mail was routed through several multi-proxy servers thus obliterating the trail. The hacking spyware itself was embedded in a PDF document. And the trojan was programmed to carry out an array of functions, including downloading files, accessing emails and passwords and also accessing the desktop from a remote location.

The police officers, lawyers and judges must be trained in cyber law aspects so that cyber criminals may be suitably punished. In the absence of proper training, there is almost no conviction of cyber criminals in India. To fight the cyber crimes the Crime and Criminal Tracking Network & Systems (CCTNS) Project has been approved by the Cabinet Committee on Economic Affairs Govt. of India. It has a financial cushion of Rs.2000 Crores as per the 11th Five Year Plan. The Project would be initiated by the Ministry of Home Affairs and implemented by the National Crime Records Bureau. The CCTNS project is to be implemented in a manner where the major role would lie with the State Governments in order to bring in the requisite stakes, ownership and commitment, and only certain core components would be in the hands of the Central Government, apart from the required review and monitoring of project implementation on a continuing basis.

The broad objectives of the CCTNS project are streamlining investigation and prosecution processes, strengthening of intelligence gathering machinery, improved public delivery system and citizen-friendly interface, nationwide sharing of information across on crime and criminals and improving efficiency and effectiveness of police functioning. The Project aims to fulfill various specified objectives over a period of three years. cases registered at Police Stations; obtaining copies of FIRs, post-mortem reports and other permissible documents etc. An indicative list of e-services expected from CCTNS to citizens would be filing of complaints / information to concerned Police Station; obtaining status of complaints.

The information technology is a double edge sword, which can be used for destructive as well as constructive work. For instance, a malicious intention forwarded in the form of hacking, data theft, virus attack, etc can bring only destructive results unless and until these methods have been used for checking the authenticity, safety and security of the technological device which has been primarily relied upon and trusted for providing the security to a particular organisation.

In fact, a society without protection in the form of "self help" cannot be visualised in the present electronic era. Thus, we must concentrate upon securing our ICT and e-governance bases before we start encashing their benefits. The same can be effectively achieved if we give due importance to this fact while discussing, drafting and adopting policies decisions pertaining to ICT in general and e-governance in particular. The same is also important for an effective e-commerce base and an insecure and unsafe ICT base can be the biggest discouraging factor for a flourishing e-commerce business. The factors relevant for this situation are too numerous to be discussed in a single work. Thus, it would be better if we concentrate on each factor in a separate but coherent and holistic manner. The need of the hour is to set priority for a secure and safe electronic environment so that its benefits can be reaped to the maximum possible extent.

The ubiquitous use of computers and other electronic devices is creating a rapidly rising wave of new and stored digital information. The massive proliferation of data creates ever-expanding digital information risks for organizations and individuals. Electronic information is easy to create, inexpensive to store, and virtually effortless to replicate. As a result, increasingly vast quantities of digital information reside on mass storage devices located within and without corporate information systems. Information risks associated with this data are many. For example, electronic data can often show — with a high degree of reliability — who said, knew, took, shared, had and did what, and who else might be involved in the saying, knowing, taking, sharing, having, and doing. For the corporation, the free flow of digital information means that the backdoor is potentially always open to loss.

It is best to state up-front that the emphasis in any cyber forensic examination must be on the forensic element, and it is vital to understand that forensic computing, cyber forensics, or computer forensics is not solely about computers. It is about rules of evidence, legal processes, the integrity and continuity of evidence, the clear and concise reporting of factual information to a court of law, and the provision of expert opinion concerning the provenance of that evidence: Companies are very concerned about the notion that anything they write electronically can be used again at any time. If you have to discipline yourself to think, "can this be misconstrued?" that greatly hampers your ability to communicate and introduces a huge level of inefficiency.

One such improvement that is urgently required to be adopted, implemented and inculcated by the Judges of District Courts, High Courts and Supreme Court of India pertains to Techno-Legal acumen and knowledge. Techno-Legal acumen is difficult to acquire as it requires a sound working and practical knowledge of both technical as well as legal aspect of the Information and Communication Technology (ICT) related aspects. Issues like Cyber Law, International Telecommunications Laws, Cyber Forensics, Digital Evidencing, Cyber Security, etc pose difficult and sometimes non-understandable legal issues before the Courts. The Judges in India must fill in this much needed and unnoticed legal gap that has not yet been explored by them.

The establishment of E-Courts in India requires certain prerequisites. These are: E-Courts Policy, Data Keeping, and Payment Gateway. Simplicity And User Friendly Connectivity, Scope, Authentication, Integrity, Security. However, if the courts have to keep in step and play their part in restoring public confidence in the legal system then they must find new ways to improve the efficiency and effectiveness of their operations. Information and Communication technology (ICT) can be a panacea for the dying judicial system of India. We can effectively use ICT for establishment of E-Courts in India so that E-Judiciary in India can be a reality. However, the task is really difficult to achieve because of lack of expertise and absence of time bound performance. Every year in the month of February, the tenure of E-Courts Committee is extended for another year. This shows there is a lack of Political Will to achieve the task as merely extending time for another year without performance report and accountability is just a pretext to avoid the ultimate accomplishment, i.e. establishment of E-Courts in India.

The fact remains that despite all glamorous conferences and public announcements, we do not have even a single E-Court in India and there is not even a single case that has been filed, contested and finally adjudicated through an E-Court System in India. Where those claimed E-Courts are and what cases they had adjudicated is still a big mystery. It seems India is just making press statements years after years and courts after courts about establishment of E-Courts in India without actually establishing and operationalising them. The task of their establishment and operationalising cannot be accomplished till we honestly and dedicatedly try to achieve the same. Till now India is just adopting the half hearted efforts and evasive approach.

The Cyber Forensics has given new dimensions to the Criminal laws, especially the Evidence law. Electronic evidence and their collection and presentation have posed a challenge to the investigation agencies, prosecution agencies and judiciary. The scope of Cyber Forensics is no more confined to the investigation regime only but is expanding to other segments of justice administration system as well. The justice delivery system cannot afford to take the IT revolution lightly. The significance of cyber forensics emanates from this interface of justice delivery system with the Information Technology.

Evidence must be gathered by law enforcement in accordance with court guidelines governing search and seizure. The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but on probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. Computer crime is escalating.

The growing use of IT has posed certain challenges before the justice delivery system that have to be met keeping in mind the contemporary IT revolution. The contemporary need of Cyber Forensics is essential for the following reasons: The traditional methods are inadequate: The law may be categorised as substantive and procedural. The substantive law fixes the liability whereas the procedural law provides the means and methods by which the substantive liability has to contended, analysed and proved. The procedural aspects providing for the guilt establishment provisions were always there but their interface with the IT has almost created a deadlock in investigative and adjudicative mechanisms. The challenges posed by IT are peculiar to contemporary society and so must be their solution. The traditional procedural mechanisms, including forensic science methods, are neither applicable nor appropriate for this situation. Thus, "cyber forensics" is the need of the hour. India is the 12th country in the world that has its own "Cyber law" (IT Act, 2000). However, most of the people of India, including lawyers, judges, professors, etc, are not aware about its existence and use. The traditional forensic methods like finger impressions, DNA testing, blood and other tests, etc play a limited role in this arena.

The changing face of crimes and criminals: The use of Internet has changed the entire platform of crime, criminal and their prosecution. This process involves crimes like hacking, pornography, privacy violations, spamming, phishing, pharming, identity theft, cyber terrorisms, etc. The modus operendi is different that makes it very difficult to trace the culprits. This is because of the anonymous nature of Internet. Besides, certain sites are available that provides sufficient technological measures to maintain secrecy. Similarly, various sites openly provide hacking and other tools to assist commission of various cyber crimes. The Internet is boundary less and that makes the investigation and punishment very difficult. These objects of criminal law will become a distant reality till we have cyber forensics to tackle them.

There is a dire need to compare the traditional crimes and criminals with the crimes and criminal in the IT environment. More specifically, the following must be the parameters of this comparison: Nature of the crime; Manner/Methods of commission of the crime; Purpose of the crime; Players involves in these crimes, etc.

Thus, Cyber Forensics is required to be used by the following players of criminal justice system: Investigation machinery- Statutory as well as non-statutory; Prosecution machinery, and; Adjudication machinery- Judicial, quasi-judicial or administrative; Jurisdictional dilemma: The Internet is not subject to any territorial limits and none can claim any jurisdiction over a particular incidence. Thus, at times there is conflict of laws. The best way is to use the tool of Cyber Forensics as a "preventive measure" rather than using it for "curative purposes.

Cyber Forensics is different from E-Discovery, Digital Recovery or other synonymous terms. Cyber Forensics primarily caters the "Legal Requirements" whereas E-Discovery meets the requirements of private individuals and organizations.

The management of the organisation decides to trace the origin of this breach. After proper analysis they come to know about the source of that breach. Till this stage it is only an E-Discovery. The management can take whatever preventive or remedial measure as it may deem fit.

If the management decides to take a "Legal Action" against the offender, it has to prove the acquired digital evidence before the Court of Law. Mere E-Discovery may not be enough to prove the guilt of the accused as legal requirements regarding evidence and procedural laws must also be complied with. When the E-Discovery is "Law Compliant" it becomes "Cyber Forensics".

Similarly, there are certain laws that require individuals and organisation to exercise "Due Diligence" and "Statutory Compliances". These requirements may fall either in the category of E-Discovery or Cyber Forensics as per the facts and circumstances of each case. The contemporary practice is to perform live analysis to get useful volatile data that is lost the moment a computer is turned off or after the pulling of the plug.

Computer Forensics deals with the preservation, identification, extraction, and documentation of computer evidence. The field is relatively new to the private sector but it has been the mainstay of technology-related investigations and intelligence gathering in law enforcement and military agencies since the mid- 1980s. Like any other forensic science, computer forensics involves the use of sophisticated technology tools and procedures that must be followed to guarantee the accuracy of the preservation of evidence and the accuracy of results concerning computer evidence processing.

It is extremely important to realize that evidence must have been gathered and that computer-generated evidence is considered "hearsay" with some exclusion. Depending on your role or responsibility in the computer forensics investigation, you may be subject to differing sets of rules and regulations. Internal investigators. Typically, computer forensic tools exist in the form of computer software.

Computer forensic specialists guarantee accuracy of evidence processing results through the use of time-tested evidence processing procedures and through the use of multiple software tools, developed by separate and independent developers. The use of different tools that have been developed independently to validate results is important to avoid inaccuracies introduced by potential software design flaws and software bugs. The introduction of the personal computer in 1981 and the resulting popularity came with a mixed blessing. Society in general benefited, but so did criminals using personal computers in the commission of crimes. Today, personal computers are used in every facet of society to create and share messages, compute financial results, transfer funds, purchase stocks, make airline reservations, and access bank accounts and a wealth of worldwide information on essentially any topic. Computer forensics is used to identify evidence when personal computers are used in the commission of crimes or in the abuse of company policies. Computer forensic tools and procedures are also used to identify computer security weaknesses and the leakage of sensitive computer data. In the past, documentary evidence was typically stored on paper and copies were made with carbon paper or photocopy machines.

Most documents are now stored on computer hard disk drives, floppy diskettes, Zip disks, and other forms of removable computer storage media. Computer forensics deals with finding, extracting, and documenting this form of "electronic" documentary evidence. Along the way, prior to formally pursuing a cyber forensics investigation, several important and critical questions must be asked:

The growing use of ICT for administration of all the spheres of our daily life cannot be ignored. Further, we also cannot ignore the need to secure the ICT infrastructures used for meeting these social functions. The threat from "malware" is not only apparent but also very worrisome. There cannot be a single solution to counter such threats. We need a techno-legal "harmonised law". Neither pure law nor pure technology will be of any use. Firstly, a good combination of law and technology must be established and then an effort must be made to harmonise the laws of various countries keeping in mind common security standards. In the era of e-governance and e-commerce a lack of common security standards can create havoc for the global trade in goods and services. The tool of Cyber Forensics, which is not only preventive but also curative, can help a lot in establishing a much needed judicial administration system and security base.

Referred Works

1. Praveen Dalal, Cyber Security In India: An Ignored World

2. Praveen Dalal,
Cybercrime and cyberterrorism: Preventive defense for cyberspace violations

3. Praveen Dalal,
Cyber Forensics In India

4. Shayam Prasad,
Law Enforcement In India Needs Techno-Legal Training

5. Techtalk,
Home Ministry Of India Is Taking Wrong Cyber Security Measures

6. Techtalk,
Crime and Criminal Tracking Network And Systems Of India

7. Praveen Dalal,
TECHNO-LEGAL SUPPORT AND TRAINING FOR CRIME AND CRIMINAL TRACKING NETWORK AND SYSTEMS (CCTNS) PROJECT OF INDIA

8. Praveen Dalal,
TECHNO-LEGAL JUDICIAL TRAINING IN INDIA

9. Praveen Dalal,
E-COURTS IN INDIA: AN ESSENTIAL JUDICIAL REFORM

10. University of California at Berkeley, School of Information Management and Systems, October 2000,
http://www.sims.berkeley.edu/how-much-info/.

11. Designing a Document Strategy: Documents…Technology…People. Craine, K., MC2 Books, 2000.

12.
http://www.cyber-forensic-analysis.com/CyberForensicsIndex.pdf

13 Praveen Dalal, "Securing cyberspace by private defence",

14. Praveen Dalal, "ICT strategy in India: The need of rejuvenation.

15
http://indiatoday.intoday.in/site/Story/79215/India/Chinese+hackers+target+PMO+computers+.html

16. Tabrez Ahmad, Lessons for India in the Backdrop of Chinese Hackers Attack on PMO